Login

u/Desperate-Art2958

▲ 1 r/sideprojects

Not posting this as a promotion — I’m more interested in sharing the architecture and getting feedback on whether the approach makes sense.

Design overview

All encryption happens on-device (server never sees plaintext)

Master key derived using Argon2id (memory-hard, device-tuned)

Per-item keys derived via HKDF (key separation per item)

Data encrypted using AES-256-GCM with associated data binding (userId, itemId, type)

Sharing model

This was the most challenging part. Instead of server-side re-encryption:

Each user has an X25519 keypair

Each share generates a fresh symmetric key (DEK)

DEK is encrypted using recipient’s public key (ECDH + HKDF)

Server stores only ciphertext + wrapped key

Implementation challenges

Handling crypto without blocking UI (isolates / background work)

Managing key lifecycle in memory (auto-lock, clearing sensitive data)

Designing UX that stays simple while enforcing strict security rules

Keeping state consistent across sessions without leaking secrets

Open questions / things I’m evaluating

Public key distribution trust (currently email-based lookup → considering pinning/fingerprints)

Key rotation strategy for users

Whether to move authentication toward a PAKE (SRP / OPAQUE)

Tradeoffs around metadata leakage

I’ve made the project open-source here: https://github.com/TrendySloth1001/keepit/releases

If anyone has experience with E2E systems, secure storage, or crypto-heavy apps, I’d really appreciate any feedback or criticism — especially on the sharing flow and key management.

u/Desperate-Art2958 — 9 days ago
▲ 0 r/androiddev

Not posting this as a promotion — I’m more interested in sharing the architecture and getting feedback on whether the approach makes sense.

Design overview

  • All encryption happens on-device (server never sees plaintext)
  • Master key derived using Argon2id (memory-hard, device-tuned)
  • Per-item keys derived via HKDF (key separation per item)
  • Data encrypted using AES-256-GCM with associated data binding (userId, itemId, type)

Sharing model

This was the most challenging part. Instead of server-side re-encryption:

  • Each user has an X25519 keypair
  • Each share generates a fresh symmetric key (DEK)
  • DEK is encrypted using recipient’s public key (ECDH + HKDF)
  • Server stores only ciphertext + wrapped key

Implementation challenges

  • Handling crypto without blocking UI (isolates / background work)
  • Managing key lifecycle in memory (auto-lock, clearing sensitive data)
  • Designing UX that stays simple while enforcing strict security rules
  • Keeping state consistent across sessions without leaking secrets

Open questions / things I’m evaluating

  • Public key distribution trust (currently email-based lookup → considering pinning/fingerprints)
  • Key rotation strategy for users
  • Whether to move authentication toward a PAKE (SRP / OPAQUE)
  • Tradeoffs around metadata leakage

I’ve made the project open-source here: https://github.com/TrendySloth1001/keepit/releases

If anyone has experience with E2E systems, secure storage, or crypto-heavy apps, I’d really appreciate any feedback or criticism — especially on the sharing flow and key management.

https://preview.redd.it/f96krx0grizg1.jpg?width=720&format=pjpg&auto=webp&s=2103b3a57010da0286a27fd3b466561c3e68f4c3

reddit.com
u/Desperate-Art2958 — 9 days ago
▲ 5 r/FlutterDev

Not posting this as a promotion — I’m more interested in sharing the architecture and getting feedback on whether the approach makes sense.

Design overview

  • All encryption happens on-device (server never sees plaintext)
  • Master key derived using Argon2id (memory-hard, device-tuned)
  • Per-item keys derived via HKDF (key separation per item)
  • Data encrypted using AES-256-GCM with associated data binding (userId, itemId, type)

Sharing model

This was the most challenging part. Instead of server-side re-encryption:

  • Each user has an X25519 keypair
  • Each share generates a fresh symmetric key (DEK)
  • DEK is encrypted using recipient’s public key (ECDH + HKDF)
  • Server stores only ciphertext + wrapped key

Implementation challenges

  • Handling crypto without blocking UI (isolates / background work)
  • Managing key lifecycle in memory (auto-lock, clearing sensitive data)
  • Designing UX that stays simple while enforcing strict security rules
  • Keeping state consistent across sessions without leaking secrets

Open questions / things I’m evaluating

  • Public key distribution trust (currently email-based lookup → considering pinning/fingerprints)
  • Key rotation strategy for users
  • Whether to move authentication toward a PAKE (SRP / OPAQUE)
  • Tradeoffs around metadata leakage

I’ve made the project open-source here: https://github.com/TrendySloth1001/keepit/releases

If anyone has experience with E2E systems, secure storage, or crypto-heavy apps, I’d really appreciate any feedback or criticism — especially on the sharing flow and key management.

reddit.com
u/Desperate-Art2958 — 9 days ago